Tamper indication system and method for a computing system
A tamper indication system for a computing system comprises a sensor reader configured to determine a state of a tamper sensor of the computing system, and firmware disposed in the computing system and configured to cause a report to evidence whether the report has been tampered with, the report indicating the state of the tamper sensor.
When passing through security checkpoints, such as security checkpoints at airports, computing systems are often subjected to a “power-on” test that is intended to ascertain whether the computing system is a legitimately operating computing system. However, such tests are often incomplete from a security standpoint. For example, a digital media drive (DMD) may have been removed from a notebook computer and replaced with a case holding contraband, but a “power-on” test is unlikely to uncover such a replacement. Further, tamper-evident adhesive labels can be used to indicate removal of parts from a computing system or an opening of the case, but replacement labels can be applied in place of the damaged originals in order to erase the evidence of tampering.
For a more complete understanding of the present application, the objects and advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:
In the embodiment illustrated in
Firmware 20 is configured to determine a state of sensor 24 (e.g., whether sensor 24 is in a state signifying that a tamper event occurred) during boot-up of computing system 12. Sensor 24 is coupled, mechanically and/or electrically, to protected asset 26, thereby enabling sensor 24 to sense and/or otherwise detect a change to and/or tampering of protected asset 26. Tamper sensor 24 may be disposed in or coupled to computing system 12. Protected asset 26 may be disposed in or externally coupled to computing system 12. For example, protected asset 26 may comprise a digital media drive (DMD), a battery, an access panel, a circuit, an input/output device, or any other device for which it is desired to ascertain whether the particular asset has been subject to tampering. For example, in some embodiments, protected asset 26 comprises a DMD 40 and sensor 24 comprises a thin wire or optical fiber configured to break if protected asset 26 (e.g., DMD 40) is removed from computing system 12. By attempting to sense a current, voltage, electrical resistance or optical signal associated with sensor 24, firmware 20 is configured to determine whether sensor 24 has been broken, thereby indicating that protected asset 26 may have been removed and/or replaced. It should be understood that sensor 24 may comprise any type of sensor with a state determinable by firmware 20, such as an electrical switch, a magnetic switch, a proximity indicator, or an environmental sensor. It should be further understood that other forms of tampering, including opening, inserting a device, substance or signal, and causing changes in configuration or operation, may also be detected by embodiments of sensor 24.
In the embodiment illustrated in
In the embodiment illustrated in
In the embodiment illustrated in
In the embodiment illustrated in
In operation, for example, in response to a user powering up computing system 12, power supply 34 provides power to at least firmware 20. Firmware 20 begins executing instructions in boot block 54, which occurs before CPU 30 is able to execute OS 36 instructions. Sensor reader 50 reads the state of tamper sensor 24 and/or any other tamper sensors coupled to firmware 20, and logic 56 determines the state of tamper sensor 24 by comparing the currently-measured state with previously-recorded measurement 62. Logic 56 then generates report 60, which is digitally signed and/or encrypted by firmware 22, thereby rendering report 60 tamper-evident. For example, in the embodiment illustrated in
Thus, if protected asset 26 has been tampered with, sensor 24 will detect the physical tampering and the evidence of tampering will be reflected in the generated report 60. If report 60 is then altered in an attempt to delete any indication of tampering with protected asset 26, the alteration of report 60 will be detectable. In some embodiments, monitoring system 14 is configured to validate and/or otherwise verify the integrity of report 60, either by using digital signature 90 or by analyzing the result of decrypting an encrypted report 60. If report 60 has been tampered with, for example to conceal the tampering of protected asset 26, monitoring system 14 is able to determine that report 60 is not reliable. If monitoring system 14 validates the integrity of report 60, the contents of report 60 may be used to determine whether protected asset 26 has been tampered with.
Accordingly, for example, if computing system 12 comprises a notebook computer being transported through a security checkpoint, monitoring system 14 may be configured to form part of the checkpoint security system, and remote system 120 may comprise a computing system located in a remote security office. In response to computing system 12 being subjected to a “power-on” test, firmware 20 will generate report 60. Monitoring system 14, located at the security checkpoint, is configured to import report 60 from computing system 12. If verification logic 100 identifies tampering of report 60 and/or report 60 indicates tampering of protected asset 26, a security alert may be generated to appear at monitoring system 14 and/or remote system 120.
In some embodiments, protected asset 26 may comprise an asset that is subject to modification, removal or opening during repair, use and upgrading of computing system 12. In some embodiments, report logic 56 is further configured to read the state of sensor 24 after an authorized modification, removal or opening of protected asset 26 and update measurement 62 in trusted memory 52 subject to the entry of a security password matching a password 130 stored in trusted memory 52. For example, in some embodiments, measurement 62 comprises an alphanumeric sequence representing information uniquely identifying protected asset 26, such as a serial number permanently burned into a memory of protected asset 26 that is read by sensor 24. Changing protected asset 26 will result in sensor 24 reading a different alphanumeric sequence. In some embodiments, report logic 56 is configured to enable measurement 62 to be updated by an authorized party, for example, a network administrator with knowledge of password 130
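The boot-time report generation, the monitoring-side integrity check, and the password-gated update of measurement 62 described in the preceding paragraphs, as an added illustration in Python that is not the patent's own code. Comments map the functions to the numbered elements; HMAC-SHA256 over a constructed key stands in for digital signature 90 (a real implementation would use an asymmetric signature so that monitoring system 14 holds no firmware secret), and the serial numbers and password are constructed values.

```python
import hashlib
import hmac
import json

# Constructed stand-ins; a real design would use an asymmetric signature keyed in firmware.
FIRMWARE_KEY = b"constructed-firmware-report-key"                    # key behind digital signature 90
PASSWORD_130_HASH = hashlib.sha256(b"constructed-admin-pw").digest()  # password 130, stored hashed


class TrustedMemory:
    """Stand-in for trusted memory 52: holds previously-recorded measurement 62."""

    def __init__(self, measurement):
        self.measurement = measurement


def boot_generate_report(trusted_mem, sensor_reading):
    """Report logic 56 at boot: compare the reading from sensor reader 50 (here the asset's
    burned-in serial number, as in the text) with measurement 62, then sign report 60."""
    body = json.dumps(
        {"sensor_state": sensor_reading,
         "asset_tampered": sensor_reading != trusted_mem.measurement},
        sort_keys=True,
    )
    signature = hmac.new(FIRMWARE_KEY, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "signature": signature}


def monitor_verify(report):
    """Verification logic 100 at monitoring system 14.
    Returns (report_trusted, asset_tampered); asset_tampered is None if report 60 itself fails."""
    expected = hmac.new(FIRMWARE_KEY, report["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, report["signature"]):
        return False, None
    return True, json.loads(report["body"])["asset_tampered"]


def authorized_update(trusted_mem, password, sensor_reading):
    """Re-baseline measurement 62 after an authorized replacement, gated by password 130."""
    if not hmac.compare_digest(hashlib.sha256(password).digest(), PASSWORD_130_HASH):
        return False
    trusted_mem.measurement = sensor_reading
    return True


if __name__ == "__main__":
    mem = TrustedMemory("SN-ORIG-0001")                                # constructed serial of DMD 40
    print(monitor_verify(boot_generate_report(mem, "SN-ORIG-0001")))   # (True, False): asset untouched
    swapped = boot_generate_report(mem, "SN-SWAP-9999")                # drive replaced
    print(monitor_verify(swapped))                                     # (True, True): tampering reported
    forged = {"body": swapped["body"].replace("true", "false"), "signature": swapped["signature"]}
    print(monitor_verify(forged))                                      # (False, None): edited report rejected
```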
Thus, embodiments of system 10 enable a determination as to whether a computing device has been tampered with by using measurements taken and/or otherwise acquired by trusted components of the computing device. It should be understood that in the described methods, certain functions may be omitted, accomplished in a sequence different from that depicted in
Claims
1. A tamper indication method for a computing system, comprising:
- determining a state of a tamper sensor of the computing system during a boot process of the computing system; and
- causing a report to evidence whether the report has been tampered with, the report indicating the state of the tamper sensor.
2. The method of claim 1, further comprising comparing the state of the tamper sensor with a previously-recorded measurement.
3. The method of claim 1, further comprising determining the state of the tamper sensor prior to a central processing unit (CPU) of the computing system executing instructions associated with an operating system for the computing system.
4. The method of claim 1, further comprising digitally signing the report.
5. The method of claim 1, further comprising encrypting the report.
6. The method of claim 1, further comprising storing the report in a trusted firmware memory.
7. The method of claim 1, further comprising exporting the report to an external monitoring system.
8. The method of claim 1, further comprising verifying an integrity of the report by a monitoring system external to the computing system.
9. A tamper indication system for a computing system, comprising:
- a sensor reader configured to determine a state of a tamper sensor of the computing system; and
- firmware disposed in the computing system and configured to cause a report to evidence whether the report has been tampered with, the report indicating the state of the tamper sensor.
10. The system of claim 9, wherein the report is stored in a trusted firmware memory.
11. The system of claim 9, further comprising logic configured to compare the state of the tamper sensor with a previously-recorded measurement.
12. The system of claim 9, wherein the firmware is configured to digitally sign the report.
13. The system of claim 9, wherein the firmware is configured to encrypt the report.
14. The system of claim 9, further comprising logic configured to generate the report prior to causing a central processing unit (CPU) of the computing system to execute instructions associated with an operating system for the computing system.
15. The system of claim 9, further comprising logic configured to export the report to a monitoring system external to the computing system.
16. The system of claim 9, further comprising a monitoring system configured to verify an integrity of the report received from the computing system.
17. A tamper indication method for a computing system, comprising:
- receiving a report generated by a trusted firmware of the computing system, the report indicating whether a tamper sensor of the computing system has been subject to tampering.
18. The method of claim 17, further comprising verifying an integrity of the report.
19. The method of claim 17, further comprising verifying an integrity of the report by verifying a digital signature of the report.
20. The method of claim 17, further comprising verifying an integrity of the report by decrypting the report.
21. A tamper indication system for a computing system, comprising:
- a monitoring system configured to receive a report generated by a trusted firmware of the computing system, the report indicating whether a tamper sensor of the computing system has been subject to tampering.
22. The system of claim 21, wherein the monitoring system is configured to verify an integrity of the report.
23. The system of claim 21, wherein the monitoring system is configured to verify a digital signature of the report.
Type: Application
Filed: Apr 30, 2007
Publication Date: Oct 30, 2008
Inventor: Mark R. Schiller (Fort Collins, CO)
Application Number: 11/799,217
International Classification: G06F 21/00 (20060101);